<?php
require_once($_SESSION['IZ_CALPATH'].'includes/functions_ajax.php');
/**
* Handles AJAX requests
*/
session_start();
header("Content-Type: text/html; charset=utf-8");
header('Expires: 0');
header("cache-control: no-store, no-cache, must-revalidate"); 
header("Pragma: no-cache");
require_once('vars.php');
if($_GET['customisepanel'] =='1') {
  showcustomisepanel();
} elseif($_GET['updatecal']) {
    if($_GET['events']) {
      if($_GET['nochange'] != '1') {
        filter_cats('events');
      }
      switch($_GET['divtype']) {
        case "main":
          switch($_GET['view']) {
            case "day":
              echo get_day($_GET['secs']);
              break;
            case "week":
              echo get_week($_GET['secs']);
              break;
            case "month":
              echo get_month($_GET['secs'],'nav','nolink');
              break;
            case "extmonth":
              echo get_month($_GET['secs'],'nav','nolink','ext');
              break;
            case "year":
              echo get_year($_GET['secs']);
              break;
          }
          break;
        case "list":
          $view = 'list';
          list_events();
          break;
        case "expanded":
          $view = 'list';
          list_events();
          break;
      }
    } elseif($_GET['todo']) {
      if($_GET['nochange'] != '1') {
        filter_cats('task');
        update_span('todo');
      }
      switch($_GET['divtype']) {
        case "main":
          gettodolist(1);
          break;
        case "list":
          $view = 'list';
          list_todo();
          break;
        case "expanded":
          $view = 'list';
          list_todo();
          break;
      }
    }
} elseif($_GET['act'] == 'delete') {
  switch($_GET['type']) {
    case "event":
      $event = new event($_GET['id'],'','','','','','venue','','','','','author','','','','','');
      $event->delete();
      break;
    case "todo":
      $todo = new todo(new todores($_GET['id'],'','','','','','','','','',''));
      $todo->delete();
      break;
    case "comment":
      $comment = new comment($_GET['id'],'1','1','1');
      $comment->delete();
      break;
  }
} elseif(isset($_GET['todo'])) {
    if(($_SESSION['edit'] > 0) || ($_SESSION['delete'] > 0)) {
      switch($_GET['todo']) {
        case "complete":
          completetodo();
          gettodolist(1);
          break;
        case "delete":
          deltodo();
          gettodolist(1);
          break;
        case "showedit":
          gettodoeditform($_GET['id']);
          break;
        case "edit":
          edittodo();          
          gettodolist(1);
          die();
          break;
      }
    }
} elseif(isset($_GET['inline'])) {
  // used to submit an ajax edit from the event/task view page
  switch($_GET['type']) {
    case 'e':
      $event = new event(new eventres());
      $event->id = $_GET['id'];
      $event->getdetails();
      if($_SESSION['cpanel'] == 1
           || $_SESSION['edit'] == 2
           || ($_SESSION['edit'] == 1
               && (strtolower($event->author) == strtolower($_SESSION['uname']))
                   || (strtolower($event->author) == 'everyone')
               )
         ) {
        if(isset($_GET['title'])) {
          if(strlen($_GET['title']) > 0) {
            $event->updatefield('title',$_GET['title']);
            echo $_GET['title'];
          } else {
            header('HTTP/1.0 500 Validation Failed');
            echo ERR_EVENTNONAME;
          }
        } elseif(isset($_GET['description'])) {
          $event->updatefield('description',str_replace("\n", '<br />', $_GET['description']));
          echo str_replace("\n", '<br />', $_GET['description']);
        } elseif(isset($_GET['request'])) {
          // returns the unformatted value of a field so a user can edit it
          switch($_GET['request']) {
            case 'description':
              echo dirty($event->description);
              break;
          }
        }
      } else {
        echo '<span>&#35;147&#58; ',ERR_NOPERMISSION,'</span>';
      }
      break;
    case 't':
      $todo = new todo(new todores());
      $todo->id = $_GET['id'];
      $todo->getdetails();
      if($_SESSION['cpanel'] == 1
           || $_SESSION['edit'] == 2
           || ($_SESSION['edit'] == 1
               && (strtolower($todo->author) == strtolower($_SESSION['uname']))
                   || (strtolower($todo->author) == 'everyone')
               )
         ) {
        if(isset($_GET['title'])) {
          if(strlen($_GET['title']) > 0) {
            $todo->updatefield('title',$_GET['title']);
            echo $_GET['title'];
          } else {
            header('HTTP/1.0 500 Validation Failed');
            echo ERR_TASKNAME;
          }
        } else if(isset($_GET['description'])) {
          $todo->updatefield('description',str_replace("\n", '<br />', $_GET['description']));
          echo str_replace("\n", '<br />', $_GET['description']);
        } elseif(isset($_GET['request'])) {
          // returns the unformatted value of a field so a user can edit it
          switch($_GET['request']) {
            case 'description':
              echo dirty($todo->description);
              break;
          }
        }
      } else {
        echo '<span>&#35;148&#58; ',ERR_NOPERMISSION,'</span>';
      }
      break;
  }
} else {
  if($_GET['mass'] == 'delete') {
    massdelete();
  } elseif($_GET['savepref']) {
    $pref = $_GET['pref'];
    $prefval = $_GET['val'];
    $_SESSION[$pref] = $prefval;
    $user->saveexpandstatus();
  }
}
?>